| Description: | Updated libxml2 packages that fix a security issue are now available forRed Hat Enterprise Linux 3, 4, and 5.This update has been rated as having important security impact by the RedHat Security Response Team.The libxml2 packages provide a library that allows you to manipulate XMLfiles. It includes support to read, modify, and write XML and HTML files.A heap-based buffer overflow flaw was found in the way libxml2 handled longXML entity names. If an application linked against libxml2 processeduntrusted malformed XML content, it could cause the application to crashor, possibly, execute arbitrary code. (CVE-2008-3529)All users of libxml2 are advised to upgrade to these updated packages,which contain a backported patch to resolve this issue. |